Threat Research Briefing

Upwind Threat Briefing: Shai Hulud 2.0 npm Supply Chain Malware Hits 25K+ Repos Upwind breaks down the Shai Hulud 2.0 npm malware campaign — one of the largest supply chain attacks to date. Over 25,000 GitHub repositories have been compromised by this self-replicating worm, exploiting preinstall scripts and CI pipelines to steal credentials and spread rapidly. Learn what’s new in this wave, how it operates, and what developers and security teams need to do now.

New Episodes

npm supply chain attack webina group 1600x960- (1) npm-supply-chain-mobile-thumb
Threat Research Briefing
Unfolding the npm Supply Chain Attacks: From Shai Hulud to Systemic Risk
Security Live Security Live - Mobile
Thought Leadership
AWS Security Live! with Upwind
6f8cbbe408bd68595beb63dc5fb6a926d8ddce69-Preview_Optimized How-CISOs-think-Strategically-about-cloud-security-mobile-O
Thought Leadership
How CISOs Think Strategically About Cloud Security
CADR-—-The-Future-
of-Cloud-Security-Preview_Optimized CADR-—-The-Future-
of-Cloud-Security-mobile-O
Thought Leadership
CADR: The Future of Cloud Security
How-H20_ai-Bridges-Preview_Preview_Optimized how-h2o-bridges-runtime-and-build-time-mobile-O
Thought Leadership
How H20 Bridges Runtime and Build time Intelligence for Security
How-to-deploy-Upwind-in-5-minutes-Preview_Optimized How-to-deploy-Upwind-in-5-minutes-mobile-O
Upwind Product Sessions
How to Deploy the Upwind Sensor in 5 Minutes
bridging-runtime-and-build-time-intelligence-Preview_Optimized bridging-runtime-and-build-time-intelligence-mobile-O
Thought Leadership
Bridging Runtime and Build time Intelligence to Reduce Friction

Never miss a new release

Sign up for notifications when the latest episode drops on UpwindTV

Product

CNAPP
CSPM
CWPP
Container Security
Identity Security
Vulnerability Management
CADR
API Security
GenAI Security

General

About
Contact
Careers
We are hiring!
Events
Case Studies
Get A Demo

Social

X
LinkedIn
Instagram

Resources

UpwindTV
Feed
Glossary
Newsroom

Documentation

Privacy Policy
Terms of Use

© 2025 Upwind Security